xoxys.auditd/templates/etc/audit/rules.d/20-selfaudit.rules.j2

## Audit the audit logs
-w /var/log/audit/ -k auditlog

## Auditd configuration
-w /etc/audit/ -p wa -k auditconfig
-w /etc/libaudit.conf -p wa -k auditconfig
-w /etc/audisp/ -p wa -k audispconfig

## Monitor for use of audit management tools
-w /sbin/auditctl -p x -k audittools
-w /sbin/auditd -p x -k audittools
initial commit 2022-09-23 21:03:22 +00:00			`## Audit the audit logs`
			`-w /var/log/audit/ -k auditlog`

			`## Auditd configuration`
			`-w /etc/audit/ -p wa -k auditconfig`
			`-w /etc/libaudit.conf -p wa -k auditconfig`
			`-w /etc/audisp/ -p wa -k audispconfig`

			`## Monitor for use of audit management tools`
			`-w /sbin/auditctl -p x -k audittools`
			`-w /sbin/auditd -p x -k audittools`